paolostivanin / OTPClient

Highly secure and easy to use OTP client written in C/GTK3 that supports both TOTP and HOTP
GNU General Public License v3.0

otpclient: with FreeOTP+ export, spaces in key URIs are not encoded #367

Closed fvcr closed 1 week ago

fvcr commented 1 week ago

Hi @paolostivanin,

When using Export → FreeOTP+ (key URI), the URIs in the generated file have raw space characters. Such characters should be encoded as %20.

Please see: https://bugs.debian.org/1074263

Maybe you can tell us if this happens on your side too.

Thanks!

paolostivanin commented 1 week ago

hmmm doesn't happen here. I have exported my tokens and all is fine, e.g.:

otpauth://totp/Amazon%20Web%20Services...
otpauth://totp/Nextcloud%20Personal...

paolostivanin commented 1 week ago

internally, it's using g_uri_escape_string to generate the escaped string. I'm on Tumbleweed, which is using the same version as the OP (2.80.3)

paolostivanin commented 1 week ago

I'll check on Debian testing what's going on

paolostivanin commented 1 week ago

Can confirm that it works fine for me also on Debian testing. I would need a reproducer in order to debug what's happening.

vinc17fr commented 1 week ago

Apparently the issue occurs only for the issuer. For instance:

otpauth://totp/test%20123%3Atest%20123?secret=GEZDGNBVGY3TQOIK&issuer=test 123&digits=6&algorithm=SHA1&period=30

The space for the account is correctly encoded, but not the one for the issuer.

paolostivanin commented 1 week ago

ahhh found the issue! Will fix it asap, thanks @vinc17fr

EDIT: it will be part of release 3.7.0 which I plan to release either tomorrow or on the weekend

fvcr commented 1 week ago

I've reproduced on Debian 12.5, testing and unstable.

Maybe that will help,

You can generate a base32 encoded string like this:

$ echo 123456789 | base32
MVRWQ3ZAGEZDGNBVGY3TQOIK

And add a new token manually: Add token > Manually

- TOTP
- SHA1
- Account: "test 123"
- Issuer: "test 123"
- Secret: MVRWQ3ZAGEZDGNBVGY3TQOIK
- Digits: 6
- Period: 30

Export > FreeOTP+ (Key URI)

It generated a file called freeotpplus-exports.txt, with the content:

otpauth://totp/test%20123%3Atest%20123?secret=MVRWQ3ZAGEZDGNBVGY3TQOIK&issuer=test 123&digits=6&algorithm=SHA1&period=30

The same content I showed in the bug.

In my opinion, the field issuer is coming with an unencoded space.
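The behaviour reported in this thread, as an added C example that is not OTPClient's code: every user-controlled field, including the `issuer` query parameter, is percent-encoded before the key URI is assembled, and a small check flags an exported line that still contains a raw space. `pct_encode` is a hand-written stand-in for `g_uri_escape_string` so the block builds without GLib; `build_totp_uri` and `uri_is_clean` are hypothetical names.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for g_uri_escape_string(): keep RFC 3986 unreserved characters,
 * percent-encode every other byte. Returns 0, or -1 if dst is too small. */
static int pct_encode(const char *src, char *dst, size_t dst_len)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t o = 0;
    if (dst_len == 0) return -1;
    for (const unsigned char *p = (const unsigned char *)src; *p; p++) {
        if (o + 3 >= dst_len) return -1;      /* worst case: "%XX" + NUL */
        if (isalnum(*p) || strchr("-._~", *p)) { dst[o++] = (char)*p; continue; }
        dst[o++] = '%';
        dst[o++] = hex[*p >> 4];
        dst[o++] = hex[*p & 0x0F];
    }
    dst[o] = '\0';
    return 0;
}

/* Build a TOTP key URI; the issuer is encoded in the label AND in the query.
 * secret is assumed to be base32 already. Returns 0 on success, -1 on error. */
int build_totp_uri(const char *issuer, const char *account, const char *secret,
                   char *out, size_t out_len)
{
    char iss[256], acc[256];
    if (pct_encode(issuer, iss, sizeof iss) || pct_encode(account, acc, sizeof acc))
        return -1;
    int n = snprintf(out, out_len, "otpauth://totp/%s%%3A%s?secret=%s&issuer=%s"
                     "&digits=6&algorithm=SHA1&period=30", iss, acc, secret, iss);
    return (n < 0 || (size_t)n >= out_len) ? -1 : 0;
}

/* Export check: 1 if uri has no space, control or non-ASCII byte, else 0. */
int uri_is_clean(const char *uri)
{
    for (const unsigned char *p = (const unsigned char *)uri; *p; p++)
        if (*p <= 0x20 || *p >= 0x7F) return 0;
    return 1;
}

int main(void)
{
    char uri[512];   /* values below are the reproducer's fields from this thread */
    if (build_totp_uri("test 123", "test 123", "MVRWQ3ZAGEZDGNBVGY3TQOIK", uri, sizeof uri))
        return 1;
    printf("%s clean=%d\n", uri, uri_is_clean(uri));
    return 0;
}
```

Encoding the issuer value also keeps characters such as `&` and `=` inside it from being read as extra query parameters by the importing app.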